Issues in LaravelSSOServer.php (master) - Issues in master - zefy/laravel-sso - Measure and Improve Code Quality continuously with Scrutinizer

Issues (5)

src/LaravelSSOServer.php (1 issue)

Labels

Severity

Major 1

<?php

namespace Zefy\LaravelSSO;

use Illuminate\Database\Eloquent\ModelNotFoundException;
use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\Cache;
use Illuminate\Support\Facades\Session;
use Zefy\SimpleSSO\SSOServer;
use Zefy\LaravelSSO\Resources\UserResource;

class LaravelSSOServer extends SSOServer
{
    /**
     * Redirect to provided URL with query string.
     *
     * If $url is null, redirect to url which given in 'return_url'.
     *
     * @param string|null $url URL to be redirected.
     * @param array $parameters HTTP query string.
     * @param int $httpResponseCode HTTP response code for redirection.
     *
     * @return void
     */
    protected function redirect(?string $url = null, array $parameters = [], int $httpResponseCode = 307)
    {
        if (!$url) {
            $url = urldecode(request()->get('return_url', null));
        }

        $query = '';
        // Making URL query string if parameters given.
        if (!empty($parameters)) {
            $query = '?';

            if (parse_url($url, PHP_URL_QUERY)) {
                $query = '&';
            }

            $query .= http_build_query($parameters);
        }

        app()->abort($httpResponseCode, '', ['Location' => $url . $query]);
    }

    /**
     * Returning json response for the broker.
     *
     * @param null|array $response Response array which will be encoded to json.
     * @param int $httpResponseCode HTTP response code.
     *
     * @return string
     */
    protected function returnJson(?array $response = null, int $httpResponseCode = 200)
    {
        return response()->json($response, $httpResponseCode);
    }

    /**
     * Authenticate using user credentials
     *
     * @param string $username
     * @param string $password
     *
     * @return bool
     */
    protected function authenticate(string $username, string $password)
    {
        if (!Auth::attempt(['username' => $username, 'password' => $password])) {
            return false;
        }

        // After authentication Laravel will change session id, but we need to keep
        // this the same because this session id can be already attached to other brokers.
        $sessionId = $this->getBrokerSessionId();
        $savedSessionId = $this->getBrokerSessionData($sessionId);
        $this->startSession($savedSessionId);

        return true;
    }

    /**
     * Get the secret key and other info of a broker
     *
     * @param string $brokerId
     *
     * @return null|array
     */
    protected function getBrokerInfo(string $brokerId)
    {
        try {
            $broker = config('laravel-sso.brokersModel')::where('name', $brokerId)->firstOrFail();
        } catch (ModelNotFoundException $e) {
            return null;
        }

        return $broker;
    }

    /**
     * Get the information about a user
     *
     * @param string $username
     *
     * @return array|object|null
     */
    protected function getUserInfo(string $username)
    {
        try {
            $user = config('laravel-sso.usersModel')::where('username', $username)->firstOrFail();
        } catch (ModelNotFoundException $e) {
            return null;
        }

        return $user;
    }

    /**
     * Returning user info for broker. Should return json or something like that.
     *
     * @param array|object $user Can be user object or array.
     *
     * @return array|object|UserResource
     */
    protected function returnUserInfo($user)
    {
        return new UserResource($user);
    }

    /**
     * Return session id sent from broker.
     *
     * @return null|string
     */
    protected function getBrokerSessionId()
    {
        $authorization = request()->header('Authorization', null);
        if ($authorization &&  strpos($authorization, 'Bearer') === 0) {
            return substr($authorization, 7);
        }

        return null;
    }

    /**
     * Start new session when user visits server.
     *
     * @return void
     */
    protected function startUserSession()
    {
        // Session must be started by middleware.
    }

    /**
     * Set session data
     *
     * @param string $key
     * @param null|string $value
     *
     * @return void
     */
    protected function setSessionData(string $key, ?string $value = null)
    {
        if (!$value) {
            Session::forget($key);
            return;
        }

        Session::put($key, $value);
    }

    /**
     * Get data saved in session.
     *
     * @param string $key
     *
     * @return string
     */
    protected function getSessionData(string $key)
    {
        if ($key === 'id') {
            return Session::getId();
        }

        return Session::get($key, null);
    }

    /**
     * Start new session with specific session id.
     *
     * @param $sessionId
     *
     * @return void
     */
    protected function startSession(string $sessionId)
    {
        Session::setId($sessionId);
        Session::start();
    }

    /**
     * Save broker session data to cache.
     *
     * @param string $brokerSessionId
     * @param string $sessionData
     *
     * @return void
     */
    protected function saveBrokerSessionData(string $brokerSessionId, string $sessionData)
    {
        Cache::put('broker_session:' . $brokerSessionId, $sessionData, now()->addHour());
    }

    /**
     * Get broker session data from cache.
     *
     * @param string $brokerSessionId
     *
     * @return null|string
     */
    protected function getBrokerSessionData(string $brokerSessionId)
    {
        return Cache::get('broker_session:' . $brokerSessionId);

    }
}


1			<?php
2
3			namespace Zefy\LaravelSSO;
4
5			use Illuminate\Database\Eloquent\ModelNotFoundException;
6			use Illuminate\Support\Facades\Auth;
7			use Illuminate\Support\Facades\Cache;
8			use Illuminate\Support\Facades\Session;
9			use Zefy\SimpleSSO\SSOServer;
10			use Zefy\LaravelSSO\Resources\UserResource;
11
12			class LaravelSSOServer extends SSOServer
13			{
14			/**
15			* Redirect to provided URL with query string.
16			*
17			* If $url is null, redirect to url which given in 'return_url'.
18			*
19			* @param string\|null $url URL to be redirected.
20			* @param array $parameters HTTP query string.
21			* @param int $httpResponseCode HTTP response code for redirection.
22			*
23			* @return void
24			*/
25			protected function redirect(?string $url = null, array $parameters = [], int $httpResponseCode = 307)
26			{
27			if (!$url) {
28			$url = urldecode(request()->get('return_url', null));
29			}
30
31			$query = '';
32			// Making URL query string if parameters given.
33			if (!empty($parameters)) {
34			$query = '?';
35
36			if (parse_url($url, PHP_URL_QUERY)) {
37			$query = '&';
38			}
39
40			$query .= http_build_query($parameters);
41			}
42
43			app()->abort($httpResponseCode, '', ['Location' => $url . $query]);
44			}
45
46			/**
47			* Returning json response for the broker.
48			*
49			* @param null\|array $response Response array which will be encoded to json.
50			* @param int $httpResponseCode HTTP response code.
51			*
52			* @return string
53			*/
54			protected function returnJson(?array $response = null, int $httpResponseCode = 200)
55			{
56			return response()->json($response, $httpResponseCode);
57			}
58
59			/**
60			* Authenticate using user credentials
61			*
62			* @param string $username
63			* @param string $password
64			*
65			* @return bool
66			*/
67			protected function authenticate(string $username, string $password)
68			{
69			if (!Auth::attempt(['username' => $username, 'password' => $password])) {
70			return false;
71			}
72
73			// After authentication Laravel will change session id, but we need to keep
74			// this the same because this session id can be already attached to other brokers.
75			$sessionId = $this->getBrokerSessionId();
76			$savedSessionId = $this->getBrokerSessionData($sessionId);
77			$this->startSession($savedSessionId);
78
79			return true;
80			}
81
82			/**
83			* Get the secret key and other info of a broker
84			*
85			* @param string $brokerId
86			*
87			* @return null\|array
88			*/
89			protected function getBrokerInfo(string $brokerId)
90			{
91			try {
92			$broker = config('laravel-sso.brokersModel')::where('name', $brokerId)->firstOrFail();
93			} catch (ModelNotFoundException $e) {
94			return null;
95			}
96
97			return $broker;
98			}
99
100			/**
101			* Get the information about a user
102			*
103			* @param string $username
104			*
105			* @return array\|object\|null
106			*/
107			protected function getUserInfo(string $username)
108			{
109			try {
110			$user = config('laravel-sso.usersModel')::where('username', $username)->firstOrFail();
111			} catch (ModelNotFoundException $e) {
112			return null;
113			}
114
115			return $user;
116			}
117
118			/**
119			* Returning user info for broker. Should return json or something like that.
120			*
121			* @param array\|object $user Can be user object or array.
122			*
123			* @return array\|object\|UserResource
124			*/
125			protected function returnUserInfo($user)
126			{
127			return new UserResource($user);
128			}
129
130			/**
131			* Return session id sent from broker.
132			*
133			* @return null\|string
134			*/
135			protected function getBrokerSessionId()
136			{
137			$authorization = request()->header('Authorization', null);
138			if ($authorization && strpos($authorization, 'Bearer') === 0) {
139			return substr($authorization, 7);
140			}
141
142			return null;
143			}
144
145			/**
146			* Start new session when user visits server.
147			*
148			* @return void
149			*/
150			protected function startUserSession()
151			{
152			// Session must be started by middleware.
153			}
154
155			/**
156			* Set session data
157			*
158			* @param string $key
159			* @param null\|string $value
160			*
161			* @return void
162			*/
163			protected function setSessionData(string $key, ?string $value = null)
164			{
165			if (!$value) {
166			Session::forget($key);
167			return;
168			}
169
170			Session::put($key, $value);
171			}
172
173			/**
174			* Get data saved in session.
175			*
176			* @param string $key
177			*
178			* @return string
179			*/
180			protected function getSessionData(string $key)
181			{
182			if ($key === 'id') {
183			return Session::getId();
184			}
185
186			return Session::get($key, null);
187			}
188
189			/**
190			* Start new session with specific session id.
191			*
192			* @param $sessionId
193			*
194			* @return void
195			*/
196			protected function startSession(string $sessionId)
197			{
198			Session::setId($sessionId);
199			Session::start();
200			}
201
202			/**
203			* Save broker session data to cache.
204			*
205			* @param string $brokerSessionId
206			* @param string $sessionData
207			*
208			* @return void
209			*/
210			protected function saveBrokerSessionData(string $brokerSessionId, string $sessionData)
211			{
212			Cache::put('broker_session:' . $brokerSessionId, $sessionData, now()->addHour());
213			}
214
215			/**
216			* Get broker session data from cache.
217			*
218			* @param string $brokerSessionId
219			*
220			* @return null\|string
221			*/
222			protected function getBrokerSessionData(string $brokerSessionId)
223			{
224			return Cache::get('broker_session:' . $brokerSessionId);
			0 ignored issues – show Bug Best Practice introduced 2018-03-16 13:36 UTC by Report Bug Copy Issue Report Show Similar Issues like this The expression `return Illuminate\Suppor...n:' . $brokerSessionId)` returns the type `Illuminate\Contracts\Cache\Repository` which is incompatible with the documented return type `null\|string`. Loading history...
225			}
226			}
227

zefy / laravel-sso

Issues (5)

src/LaravelSSOServer.php (1 issue)

Labels

Severity

Introduced By

Duplication Side-by-Side

Filter issues like